<?php
	// 验证用户是否登录
	require_once 'session-check.php';
	/**
		管理员操作post的各种处理
	 */
	require_once '../util/dbconnection.php';
	require_once '../util/error.php';
	require_once '../util/public.php';
	
	$user = $_SESSION['login_user'];

	$action = $_GET['action'];
	
	if( $action == "update" ){
			// 检查form提交的参数
		$nickname = isset($_POST['nickname'])?strip_tags($_POST['nickname']):'';
		$email = ( isset($_POST['email']) ) ? trim($_POST['email']) : '';
		$pwd1 = ( isset($_POST['newpwd1']) ) ? trim($_POST['newpwd1']) : null;
		$pwd2 = ( isset($_POST['newpwd2']) ) ? trim($_POST['newpwd2']) : null;

		if( (''!=$pwd1) && (''!=$pwd2) ){
			if( $pwd1 != $pwd2 ){
				site_die( "两次输入的密码不同，请重新输入" );
			}
		}
		connect_db();
		if( !update_userinfo($user, $nickname, $email, $pwd1 ) ){
			site_die( "更新用户信息失败，请重新输入" );
		}
		close_db();
		site_redirct("user-admin.php");
	}else if( $action == "logout" ){
		//echo "logout";
		session_start();
		unset($_SESSION["login_user"]); 
		session_destroy();
		
		site_redirct("login.php");
	}else{
		site_die("错误的请求");
	}
	
	
?>